Date: Fri, 07 Oct 2011 16:48:43 +0200 From: s <s@samu.pl> To: <freebsd-hackers@freebsd.org> Subject: MAC Framework, retreiving information from sysctl Message-ID: <7a4b6f4b2366333f640027303870e0e6@samu.pl>
next in thread | raw e-mail | index | archive | help
Hi,
Once again I would like to ask some question about kernel module
programming using the MAC framework - but this time it may not be
strictly related to MAC.
So, I have made a simple security module (which I will publish as soon
as I'll finish it), and now I'd like to have some nice tool to modify
it's "rules" from the userland. Exactly the same thing is done by
ugidfw, to modify bsdextended rules.
But, here the problem appears - I don't know how to perform that. I've
got a simple, two-dimensional array which contains these "rules" (if I
can call them that way), and I would like to modify that array from the
userland. So, I guess the best way to do so would be sysctl(3). This is
what I've created, after reading mac_bsdextended source:
kernel module:
static int
sysctl_rule(SYSCTL_HANDLER_ARGS)
{
// ... some code to parse what has been sent ...
return (0);
}
SYSCTL_NODE(_security_somemodule, OID_AUTO, rules,
CTLFLAG_MPSAFE | CTLFLAG_RW, sysctl_rule, "Some description");
And now I should be able to send some data using sysctl(3). But I
really don't know how - and here my question comes. How should I send
this data? How should I parse SYSCTL_HANDLER_ARGS (from struct.h:
#define SYSCTL_HANDLER_ARGS struct sysctl_oid *oidp, void *arg1, int
arg2, struct sysctl_req *req */) to edit my array?
I will be grateful for any help - this is the only thing that remained
in this project... ;)
--
Pozdrawiam,
Jakub 'samu' SzafraĆski
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7a4b6f4b2366333f640027303870e0e6>